Ubuntu Security Notice 3689-2 - USN-3689-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that Libgcrypt was susceptible to a side- channel attack. A local attacker could possibly use this attack to recover ECDSA private keys. Various other issues were also addressed.
e28a6878c39988d3f66523fc14a66afd0c58b05460c84d389240bcaf04b1f87dUbuntu Security Notice 3689-1 - Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys.
88555ac1dd1d49a8d5c958883feb730a625259656c33ee350e93c19be692fc93Ubuntu Security Notice 3688-1 - Multiple memory safety issues were fixed in Spidermonkey. An attacker could potentially exploit these to cause a denial of service, or execute arbitrary code.
93478e51c11d985f691c7579523cae27ecd53c6663b7fd6e55f95a3b991929adGentoo Linux Security Advisory 201806-7 - A vulnerability in Transmission could allow a remote attacker to execute arbitrary RPC commands. Versions less than 2.93 are affected.
640c64903e586437d69269a8a2a8debd82824f63ea0620732f55b98c30dcdf38Gentoo Linux Security Advisory 201806-6 - A vulnerability has been found in Chromium and Chrome that could allow a remote attacker to execute arbitrary code. Versions less than 67.0.3396.87 are affected.
fca2d1e053e24ff1afda570f0222fac0af993f0dd29302decfd26a665ba3944bGentoo Linux Security Advisory 201806-5 - Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition. Versions less than 7.60.0 are affected.
84539ba334c2ae70a3648c5332b02a77671ad7695cff1a5131ca6c9ea930ebd4Red Hat Security Advisory 2018-1854-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, and null pointer vulnerabilities.
faa3521cba5ea132c14cf1c7356833641996e0d6d030838eba24714f4f797c11This Microsoft advisory notification includes advisories released or updated on June 19, 2018.
a7e0c09e82c260ff70070b46967752d04491ae55273de0db5ca9189726ee854cRed Hat Security Advisory 2018-1944-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
e4ecf0a030b8d4d1387834b1eedbccf78135f5aa4c8e1b9220099f7243d2b69aRed Hat Security Advisory 2018-1879-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.
24b061c310fc7ebbe8e6ad6bf55f296c790c319a0e9a1474385c839b520e6586Red Hat Security Advisory 2018-1949-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.
7dd1f39b0c41c39953b12a378dd2aafa9de45168e5289e404639259d6a8cd5fdThe activator for Desktop Bridge applications calls CreateAppContainerToken while running as a privileged account leading to creation of arbitrary object directories leading to privilege escalation.
d0530f0109ea354da30e58c9f1b6f66e77d9f78611b21d45ab804256c40bfa35Red Hat Security Advisory 2018-1948-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.
d94a2c4056df7fbcae7e5bdf63048582703f05b67dcf8f6d530571426fe1e5b8CheckSec Canopy versions 3.x before 3.0.7 suffer from a persistent cross site scripting vulnerability.
51bab819e7d71bae94f9d40d75ed240b77b7ebc2040391c1f9b6e96eb7e887adWhitepaper called Database Security Threats and Injection Technique. Written in Persian.
5d18ecda87e677b9be4fcc471c55096e2eefcceb48e70cc55ca0ed8b6636b300
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed